Presentation is loading. Please wait.

Presentation is loading. Please wait.

Managing Data Center Server Compliance Using System Center System Center Microsoft Corporation.

Published byShon Leonard Modified over 8 years ago

Similar presentations

Presentation on theme: "Managing Data Center Server Compliance Using System Center System Center Microsoft Corporation."— Presentation transcript:

1 Managing Data Center Server Compliance Using System Center System Center Microsoft Corporation

2 Agenda Server Compliance in the Data Center Microsoft’s Approach Server Compliance Capabilities Benefits and Conclusion

3 Increasing Server Compliance Demands In the Data Center Internal Compliance Data access and retention controls Corporate security policies for access to applications IT spend on compliance increasing External Compliance Financial regulations Data access controls Corporate auditors Increasing number of servers in data center that must be controlled Compliance processes must scale to increased number of servers Virtualization introduces risk of lack of controls Data control continues to be vital Changing Data Center

4 Managing Server Compliance Controls Must Be Enforced Across Complete Data Center Greater flexibility but lower control with server virtualization Centralization of services into data center increases need for centralized compliance Security Event Collection Must Be Cost Effective Volume of data that must be collected increasing dramatically More external and internal demand for security event reports More external and internal demand for security event reports Security and Server Management Must Reduce Risk Data and application access risks drive need to look across security disciplines Compliance requirements require holistic security approach

5 Dynamic IT and the Optimized Data Center Unified & Virtualized, Process-Led, Model-Driven Service-Enabled User-Focused Bring into template Infrastructure Optimization Models

6 System Center Server Compliance Solution Supports Enhanced Compliance Desired server configuration management Asset intelligence reporting Security vulnerability assessment Configuration Controls and Reporting Collection and consolidation of security events Reporting to meet audit requirements Default and custom reporting Centralized Security Auditing Holistic server and security management Visibility of health and security status of data center Automated deployment of security updates Identity And Access Management

7 Configuration Controls and Reporting Badly configured servers represent compliance and security risks Multiple administrators making changes to server Server configuration drift (settings changes, account permissions etc.) Create, maintain, and report on configuration controls for the data center environment Automate process for desired configuration management with packaged configuration knowledge to reduce cost Utilize best practices built directly into solution for faster deployment “In today’s world, it’s important to have documented, followed processes for compliance auditing, including security and audit logs within Windows. [System Center’s] capabilities allow us to prevent unauthorized access attempts and improve our overall network activity analysis tremendously.” - Tony Carnevale, Technical Advisor, Sunnybrook Health Sciences Centre Server Compliance Capabilities Challenges Addressed

8 Server Compliance Management Knowledge Driven Server Compliance Management Develop, then automatically deploy and manage configuration baselines OS, application and user settings Update and patch installation Security settings Dashboards provide IT management with holistic view of configuration compliance Detail reports support targeted action Automate configuration remediation for all required servers

9 Server Compliance Management Built In Server Compliance Best Practices Configuration Packs support compliance through Desired Configuration Management: Configuration items, settings and values Targeted assessment of servers against specific configuration baselines Customizable settings Specific Configuration Packs for:Sarbanes-Oxley Federal Information Security Management Act (FISMA) Gramm-Leach-Bliley (GLBA) Health Insurance Portability and Accountability Act (HIPAA) European Union Data Protection Directive (EUDPD)

10 Server Compliance Management Asset Intelligence Reporting Reducing license compliance risk through reporting Hardware and software inventory Software license usage information Software catalogue based asset reporting Regularly refreshed central via Microsoft service Online, automated synchronization Ability to add custom data

11 Server Compliance Management Security Vulnerability Assessment Security compliance reporting Security specific Configuration Packs Best practices for planning, setting, monitoring and remediating security baselines Reduced effort to manage risk in the data center Automate security assessments Support change management for security settings

12 Centralized Auditing of Security Events Greater centralization of sensitive or mission critical information and application in the data center Increased demands for security event data for internal and external compliance Centrally gather security related events directly from all data center servers Report and track all security log events to ease reporting Consolidate data and report to auditors and security officers to enable compliance assessment Server Compliance Capabilities Challenges Addressed “SAS 70 is a huge initiative for us with regard to our data centers and all of our applications, and SOX is obviously important as well. With [System Center] my team has reduced the amount of time that we spend collecting security log information, for example, we just completed an investigation and pulled the security report in less than 5 minutes. In the past it would have taken days.” - Jeff Skelton, Manager, Enterprise Management Center, Stewart

13 Centralized Auditing of Security Events Meet Security Audit Reporting Needs Collection and consolidation of server security log information Near real-time consolidated security log information from across data center Extensive reporting for external and internal compliance requirements Custom and default reporting includes: Account management Access violation Policy changes System integrity

14 Comprehensive Security and Identity & Access Management Greater complexity of data center environment and changing user access methods increases security risks Data protection requirements driving compliance efforts Combine security and management capabilities for the data center with System Center and Microsoft Forefront Reduce overhead associated with managing identities and improve security in the data center Server Compliance Capabilities Challenges Addressed “I’m now 15 to 20 percent more productive, with an additional six to eight hours per week to spend on new IT initiatives instead of simply keeping everything up and running. And our other IT administrator is saving four to six hours per week. With systems now more integrated and automated, we have avoided the need to hire a third IT administrator to accomplish everything that needs to be done” - Will Wilson Director of Information Systems Guardian Management LLC

15 Security and Identity & Access Management Manage the Identity Lifecycle Integrated approach to identity and access management Managing digital certificates, Password policy enforcement User provisioning Identity lifecycle Active directory integration Appropriate user privileges e.g. segregation of duties etc. Identification and removal of rogue accounts

16 Identify and Access Management Integrated Security Management Combining System Center and Microsoft Forefront Ability to build on a common management and security platform Combined interoperability with key technologies and workloads Provide administrators with clear visibility into security and systems health state Alerts and emerging trends of security issues Quick drill-down into key detail to enable fast resolution Automated security update deployment through System Center Forefront Management packs Combined security management for key workloads such as Exchange and SharePoint SharePoint Servers Exchange Servers

17 Server Compliance Solution Summary Support IT compliance on the servers in the Data Center Configuration controls Consolidated collection and reporting of security reporting Comprehensive security and identify and access management Efficiently meeting the server compliance challenges: Configuration controls enforced across all data center physical and virtual servers Security event auditing requirements can be met without excessive cost Reduced risk of server security or access issues

18 Data Center Management Solution Benefits System Center Server Management Suite Enterprise Integrated Management Unified user interface Manage physical and virtual Manage Microsoft and non-Microsoft Optimized Resources Improve efficiency and reduce costs Quicker time to value Available and Responsive Increased uptime through knowledge Extend and interoperate to non- Microsoft technologies

19 Managing the Server Lifecycle

20 Conclusion System Center meets the server compliance management challenge Reduce costs and scale to the new data center requirements Optimize use of data center resources through consolidation Manage physical and virtual servers with one environment System Center has the solutions to meet the challenges of the changing data center In an easy to acquire, high value server management suite

21 © 2008 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.

22 Server Management Suite Enterprise SolutionAccelerators Software Partners Providing a Complete Solution Example Microsoft Applications and Technologies Configuration Management Optimization Server Consolidation Using Virtualization Service Management Optimization Quest, Novell, Xandros, Nworks Avicode, AmberPoint Dell, HP, IBM, EMC Secure Vantage, ECC Microsoft Deployment and Microsoft Assessment and Planning Solution Offline Virtual Machine Servicing Tool Service Level Dashboard for Operations Manager The Security Compliance Management toolkit Configuration Manager Operations Manager Data Protection Manager Virtual Machine Manager Windows Server 2008 SQL Server, Exchange, SharePoint ForefrontIdentity and Access Microsoft Consulting Services

23 Configuration Management Solution Example Microsoft Applications and Technologies Configuration Management Optimization Server Consolidation Using Virtualization Service Management Optimization Quest, Novell, Xandros, Nworks Avicode, AmberPoint Dell, HP, IBM, EMC Secure Vantage, ECC Microsoft Deployment and Microsoft Assessment and Planning Solution Offline Virtual Machine Servicing Tool Service Level Dashboard for Operations Manager The Security Compliance Management toolkit Configuration Manager Operations Manager Data Protection Manager Virtual Machine Manager Windows Server 2008 SQL Server, Exchange, SharePoint ForefrontIdentity and Access Update the colors/styles per previous slide For this version, this client would like to create separate slides that highlight certain pieces. Please highlight the rainbow boxes(not using rainbows of course ) Update the colors/styles per previous slide For this version, this client would like to create separate slides that highlight certain pieces. Please highlight the rainbow boxes(not using rainbows of course ) Server Management Suite Enterprise SolutionAccelerators Software Partners Microsoft Consulting Services

24 End to End Monitoring Solution Example Microsoft Applications and Technologies Configuration Management Optimization Server Consolidation Using Virtualization Service Management Optimization Quest, Novell, Xandros, Nworks Avicode, AmberPoint Dell, HP, IBM, EMC Secure Vantage, ECC Microsoft Deployment and Microsoft Assessment and Planning Solution Offline Virtual Machine Servicing Tool Service Level Dashboard for Operations Manager The Security Compliance Management toolkit Configuration Manager Operations Manager Data Protection Manager Virtual Machine Manager Windows Server 2008 SQL Server, Exchange, SharePoint ForefrontIdentity and Access Server Management Suite Enterprise SolutionAccelerators Software Partners Microsoft Consulting Services

25 Server Compliance Solution Example Microsoft Applications and Technologies Configuration Management Optimization Server Consolidation Using Virtualization Service Management Optimization Quest, Novell, Xandros, Nworks Avicode, AmberPoint Dell, HP, IBM, EMC Secure Vantage, ECC Microsoft Deployment and Microsoft Assessment and Planning Solution Offline Virtual Machine Servicing Tool Service Level Dashboard for Operations Manager The Security Compliance Management toolkit Configuration Manager Operations Manager Data Protection Manager Virtual Machine Manager Windows Server 2008 SQL Server, Exchange, SharePoint ForefrontIdentity and Access Update the colors/styles per previous slide For this version, this client would like to create separate slides that highlight certain pieces. Please highlight the rainbow boxes(not using rainbows of course ) Update the colors/styles per previous slide For this version, this client would like to create separate slides that highlight certain pieces. Please highlight the rainbow boxes(not using rainbows of course ) Server Management Suite Enterprise SolutionAccelerators Software Partners Microsoft Consulting Services

26 Data Protection and Recovery Example Microsoft Applications and Technologies Configuration Management Optimization Server Consolidation Using Virtualization Service Management Optimization Quest, Novell, Xandros, Nworks Avicode, AmberPoint Dell, HP, IBM, EMC Secure Vantage, ECC Microsoft Deployment and Microsoft Assessment and Planning Solution Offline Virtual Machine Servicing Tool Service Level Dashboard for Operations Manager The Security Compliance Management toolkit Configuration Manager Operations Manager Data Protection Manager Virtual Machine Manager Windows Server 2008 SQL Server, Exchange, SharePoint ForefrontIdentity and Access Update the colors/styles per previous slide For this version, this client would like to create separate slides that highlight certain pieces. Please highlight the rainbow boxes(not using rainbows of course ) Update the colors/styles per previous slide For this version, this client would like to create separate slides that highlight certain pieces. Please highlight the rainbow boxes(not using rainbows of course ) Server Management Suite Enterprise SolutionAccelerators Software Partners Microsoft Consulting Services

Download ppt "Managing Data Center Server Compliance Using System Center System Center Microsoft Corporation."

Similar presentations

What is Infrastructure Optimisation and Why should you care?

What is Infrastructure Optimisation and Why should you care?
IBM Software Group ® Integrated Server and Virtual Storage Management an IT Optimization Infrastructure Solution from IBM Small and Medium Business Software.

IBM Software Group ® Integrated Server and Virtual Storage Management an IT Optimization Infrastructure Solution from IBM Small and Medium Business Software.
Your Data Any Place, Any Time Manageability. SQL Server 2008 Manageability Challenges Challenges face database administrators today : Managing complex.

Your Data Any Place, Any Time Manageability. SQL Server 2008 Manageability Challenges Challenges face database administrators today : Managing complex.
2  Industry trends and challenges  Windows Server 2012: Modern workstyle, enabled  Access from virtually anywhere, any device  Full Windows experience.

2  Industry trends and challenges  Windows Server 2012: Modern workstyle, enabled  Access from virtually anywhere, any device  Full Windows experience.
Windows Server Deployment and Management With System Center.

Windows Server Deployment and Management With System Center.
The System Center Family Microsoft. Mobile Device Manager 2008.

The System Center Family Microsoft. Mobile Device Manager 2008.
Introduction to Systems Management Server 2003 Tyler S. Farmer Sr. Technology Specialist II Education Solutions Group Microsoft Corporation.

Introduction to Systems Management Server 2003 Tyler S. Farmer Sr. Technology Specialist II Education Solutions Group Microsoft Corporation.
Enterprise CAL Overview. Different Types of CALs Standard CAL base A component Standard CAL is a base CAL that provides access rights to basic features.

Enterprise CAL Overview. Different Types of CALs Standard CAL base A component Standard CAL is a base CAL that provides access rights to basic features.
1 Vladimir Knežević Microsoft Software d.o.o.. 80% Održavanje 80% Održavanje 20% New Cost Reduction Keep Business Up & Running End User Productivity End.

1 Vladimir Knežević Microsoft Software d.o.o.. 80% Održavanje 80% Održavanje 20% New Cost Reduction Keep Business Up & Running End User Productivity End.
Security Controls – What Works

Security Controls – What Works
Www.lumension.com © Copyright 2008 - Lumension Security Lumension Security PatchLink Enterprise Reporting™ 6.4 Overview and What’s New.

© Copyright Lumension Security Lumension Security PatchLink Enterprise Reporting™ 6.4 Overview and What’s New.
Understanding Active Directory

Understanding Active Directory
Why Improve Datacenter Automation? “ Studies show up to 80% of network availability incidents and 60% of security issues can be tied to human error” CIO.

Why Improve Datacenter Automation? “ Studies show up to 80% of network availability incidents and 60% of security issues can be tied to human error” CIO.
Data Center End to End Monitoring With System Center

Data Center End to End Monitoring With System Center
Executive Overview. PLEASE READ (hidden slide) To deliver this presentation effectively, you need to be familiar with Windows Server 2008 R2 management.

Executive Overview. PLEASE READ (hidden slide) To deliver this presentation effectively, you need to be familiar with Windows Server 2008 R2 management.
Ravi Sankar Technology Evangelist | Microsoft Corporation

Ravi Sankar Technology Evangelist | Microsoft Corporation
SYSTEM CENTER: ENDPOINT PROTECTION FUNDAMENTALS Howard A. Carter III Senior Consultant Microsoft Consulting Services September 21, 2013 TechGate 2013 –

SYSTEM CENTER: ENDPOINT PROTECTION FUNDAMENTALS Howard A. Carter III Senior Consultant Microsoft Consulting Services September 21, 2013 TechGate 2013 –
Cloud Attributes Business Challenges Influence Your IT Solutions Business to IT Conversation Microsoft is Changing too Supporting System Center In House.

Cloud Attributes Business Challenges Influence Your IT Solutions Business to IT Conversation Microsoft is Changing too Supporting System Center In House.
Computer Associates Solutions Managing eBusiness Catalin Matei, April 12, 2005

Computer Associates Solutions Managing eBusiness Catalin Matei, April 12, 2005
Windows ® Powered NAS. Agenda Windows Powered NAS Windows Powered NAS Key Technologies in Windows Powered NAS Key Technologies in Windows Powered NAS.

Windows ® Powered NAS. Agenda Windows Powered NAS Windows Powered NAS Key Technologies in Windows Powered NAS Key Technologies in Windows Powered NAS.

Similar presentations

Ads by Google